|
| void | GNR_derive_block_aes_key (unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) |
| | We disable deprecation warnings because we implement RFC9408/LSD0001 record types here.
|
| |
| void | GNR_derive_block_xsalsa_key (struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub) |
| | Derive session key and iv from label and public key.
|
| |
| static enum GNUNET_GenericReturnValue | block_sign_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block) |
| |
| static enum GNUNET_GenericReturnValue | block_sign_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block) |
| |
| enum GNUNET_GenericReturnValue | GNUNET_GNSRECORD_block_sign (const struct GNUNET_CRYPTO_BlindablePrivateKey *key, const char *label, struct GNUNET_GNSRECORD_Block *block) |
| | Sign a block create with GNUNET_GNSRECORD_block_create_unsigned.
|
| |
| static enum GNUNET_GenericReturnValue | block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **block, int sign) |
| | Sign name and records.
|
| |
| static enum GNUNET_GenericReturnValue | block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **block, int sign) |
| | Sign name and records (EDDSA version)
|
| |
| static enum GNUNET_GenericReturnValue | block_create2 (const struct GNUNET_CRYPTO_BlindablePrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result, int sign) |
| |
| enum GNUNET_GenericReturnValue | GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) |
| | Check if a signature is valid.
|
| |
| static enum GNUNET_GenericReturnValue | block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) |
| |
| static enum GNUNET_GenericReturnValue | block_decrypt_eddsa (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EddsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) |
| |
| void | GNUNET_GNSRECORD_query_from_private_key (const struct GNUNET_CRYPTO_BlindablePrivateKey *zone, const char *label, struct GNUNET_HashCode *query) |
| | Calculate the DHT query for a given label in a given zone.
|
| |
| void | GNUNET_GNSRECORD_query_from_public_key (const struct GNUNET_CRYPTO_BlindablePublicKey *pub, const char *label, struct GNUNET_HashCode *query) |
| | Calculate the DHT query for a given label in a given zone.
|
| |
| static enum GNUNET_GenericReturnValue | block_open_ecdsa (void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) |
| |
| static enum GNUNET_GenericReturnValue | block_open_eddsa (void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) |
| |
| static enum GNUNET_GenericReturnValue | block_seal_not_implemented (void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result) |
| |
| static enum GNUNET_GenericReturnValue | block_seal (void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result) |
| |
| struct GNUNET_GNSRECORD_EncryptionContext * | GNUNET_GNSRECORD_encryption_context_setup_owner (const struct GNUNET_CRYPTO_BlindablePrivateKey *sk) |
| | Create a new encryption context for the zone owner.
|
| |
| struct GNUNET_GNSRECORD_EncryptionContext * | GNUNET_GNSRECORD_encryption_context_setup_resolver (const struct GNUNET_CRYPTO_BlindablePublicKey *zkey) |
| | Create a new encryption context for a resolver.
|
| |
| void | GNUNET_GNSRECORD_encryption_context_destroy (struct GNUNET_GNSRECORD_EncryptionContext *ec) |
| | Cleanup and free the encryption context.
|
| |
| enum GNUNET_GenericReturnValue | GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_BlindablePublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) |
| | Decrypt block.
|
| |
API for GNS record-related crypto.
- Author
- Martin Schanzenbach
-
Matthias Wachs
-
Christian Grothoff
Definition in file gnsrecord_crypto.c.
| void GNR_derive_block_aes_key |
( |
unsigned char * |
ctr, |
|
|
unsigned char * |
key, |
|
|
const char * |
label, |
|
|
uint64_t |
exp, |
|
|
const struct GNUNET_CRYPTO_EcdsaPublicKey * |
pub |
|
) |
| |
We disable deprecation warnings because we implement RFC9408/LSD0001 record types here.
Derive session key and iv from label and public key.
We may eventually stop doing that, however!
4 byte nonce
Expiration time 64 bit.
Set counter part to 1
Definition at line 41 of file gnsrecord_crypto.c.
46{
47 static const char ctx_key[] = "gns-aes-ctx-key";
48 static const char ctx_iv[] = "gns-aes-ctx-iv";
49
51 ctx_key, strlen (ctx_key),
58 ctx_iv, strlen (ctx_iv),
63 memcpy (ctr + 4, &exp, sizeof (exp));
65 ctr[15] |= 0x01;
66}
struct GNUNET_HashCode key
The key used in the DHT.
static struct GNUNET_CRYPTO_EddsaPublicKey pub
#define GNUNET_CRYPTO_hkdf_gnunet(result, out_len, xts, xts_len, skm, skm_len,...)
A peculiar HKDF instantiation that tried to mimic Truncated NMAC.
#define GNUNET_CRYPTO_kdf_arg_string(d)
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
References GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_CRYPTO_hkdf_gnunet, GNUNET_CRYPTO_kdf_arg_string, key, and pub.
Referenced by block_create_ecdsa(), block_decrypt_ecdsa(), and run_pkey().
Definition at line 99 of file gnsrecord_crypto.c.
105{
108 size_t size = ntohl (block->
size) -
sizeof (*block) +
sizeof (*gnr_block);
109
111 ecblock = &(block)->ecdsa_block;
116
118 size -
sizeof (*gnr_block));
120 label,
121 "gns",
125 label,
126 "gns",
129 {
133 }
136}
static char * pkey
Public key of the zone to look in, in ASCII.
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
GNS record set signature (GNS)
void GNUNET_CRYPTO_ecdsa_public_key_derive(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EcdsaPublicKey *result)
Derive a public key from a given public key and a label.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_sign_derived(const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey, const char *label, const char *context, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
This is a signature function for ECDSA which takes a private key, derives/blinds it and signs the mes...
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
static unsigned int size
Size of the "table".
Information we have in an encrypted block with record data (i.e.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_SignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
uint32_t size
Size of the block.
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
References GNUNET_GNSRECORD_EcdsaBlock::derived_key, GNUNET_GNSRECORD_EcdsaBlock::expiration_time, GNRBlockPS::expiration_time, GNUNET_break, GNUNET_CRYPTO_ecdsa_public_key_derive(), GNUNET_CRYPTO_ecdsa_sign_derived(), GNUNET_free, GNUNET_malloc, GNUNET_memcpy, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, GNUNET_SYSERR, key, pkey, GNUNET_CRYPTO_SignaturePurpose::purpose, GNRBlockPS::purpose, GNUNET_GNSRECORD_EcdsaBlock::signature, GNUNET_CRYPTO_SignaturePurpose::size, GNUNET_GNSRECORD_Block::size, and size.
Referenced by block_create_ecdsa(), and GNUNET_GNSRECORD_block_sign().
Definition at line 140 of file gnsrecord_crypto.c.
146{
149 size_t size = ntohl (block->
size) -
sizeof (*block) +
sizeof (*gnr_block);
151 edblock = &(block)->eddsa_block;
157 size -
sizeof (*gnr_block));
158
160 label,
161 "gns",
164 label,
165 "gns",
170}
void GNUNET_CRYPTO_eddsa_public_key_derive(const struct GNUNET_CRYPTO_EddsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EddsaPublicKey *result)
Derive a public key from a given public key and a label.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_derived(const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey, const char *label, const char *context, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
This is a signature function for EdDSA which takes a private key and derives it using the label and c...
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EddsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_EddsaSignature signature
Signature of the block.
References GNUNET_GNSRECORD_EddsaBlock::derived_key, GNUNET_GNSRECORD_EddsaBlock::expiration_time, GNRBlockPS::expiration_time, GNUNET_CRYPTO_eddsa_public_key_derive(), GNUNET_CRYPTO_eddsa_sign_derived(), GNUNET_free, GNUNET_malloc, GNUNET_memcpy, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, key, pkey, GNUNET_CRYPTO_SignaturePurpose::purpose, GNRBlockPS::purpose, GNUNET_GNSRECORD_EddsaBlock::signature, GNUNET_CRYPTO_SignaturePurpose::size, GNUNET_GNSRECORD_Block::size, and size.
Referenced by block_create_eddsa(), and GNUNET_GNSRECORD_block_sign().
Sign name and records.
- Parameters
-
| key | the private key |
| pkey | associated public key |
| expire | block expiration |
| label | the name for the records |
| rd | record data |
| rd_count | number of records |
| block | the block result. Must be allocated sufficiently. |
| sign | sign the block GNUNET_NO if block will be signed later. |
- Returns
- GNUNET_SYSERR on error (otherwise GNUNET_OK)
Definition at line 223 of file gnsrecord_crypto.c.
231{
235
237 {
240 }
241
244 {
245 ecblock = &(*block)->ecdsa_block;
249 skey,
250 label,
254 rdata_len,
255 skey,
256 ctr,
257 &ecblock[1]);
258 }
263 {
267 }
269}
static enum GNUNET_GenericReturnValue block_sign_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block)
void GNR_derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
We disable deprecation warnings because we implement RFC9408/LSD0001 record types here.
#define GNUNET_GNSRECORD_TYPE_PKEY
WARNING: This header is generated! In order to add GNS record types, you must register them in GANA,...
static char * expire
DID Document expiration Date Attribute String.
void GNUNET_CRYPTO_aes_ctr(const void *in_buf, size_t in_buf_len, const unsigned char key[(256/8)], const unsigned char iv[(128/8)], void *out_buf)
Decrypt or encrypt a given block using a symmetric key using AES in counter mode.
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
uint64_t abs_value_us__
The actual value (in network byte order).
References GNUNET_TIME_AbsoluteNBO::abs_value_us__, block_sign_ecdsa(), GNUNET_GNSRECORD_EcdsaBlock::expiration_time, expire, GNR_derive_block_aes_key(), GNUNET_break, GNUNET_CRYPTO_aes_ctr(), GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_free, GNUNET_GNSRECORD_MAX_BLOCK_SIZE, GNUNET_GNSRECORD_TYPE_PKEY, GNUNET_malloc, GNUNET_OK, GNUNET_SYSERR, GNUNET_TIME_absolute_hton(), GNUNET_YES, key, and pkey.
Referenced by block_create2().
Sign name and records (EDDSA version)
- Parameters
-
| key | the private key |
| pkey | associated public key |
| expire | block expiration |
| label | the name for the records |
| rd | record data |
| rd_count | number of records |
| block | where to store the block. Must be allocated sufficiently. |
| sign | GNUNET_YES if block shall be signed as well |
- Returns
- GNUNET_SYSERR on error (otherwise GNUNET_OK)
Definition at line 286 of file gnsrecord_crypto.c.
294{
298
300 {
303 }
304
306 + rdata_len + crypto_secretbox_MACBYTES);
308 + rdata_len + crypto_secretbox_MACBYTES);
309 {
310 edblock = &(*block)->eddsa_block;
314 &skey,
315 label,
320 rdata_len,
321 (unsigned char*) rdata,
322 &skey,
324 &edblock[1]));
328 }
330}
static enum GNUNET_GenericReturnValue block_sign_eddsa(const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block)
void GNR_derive_block_xsalsa_key(struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Derive session key and iv from label and public key.
#define GNUNET_GNSRECORD_TYPE_EDKEY
GNS zone delegation (EDKEY)
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_xsalsa20poly1305_encrypt(size_t in_buf_len, const unsigned char in_buf[in_buf_len], const struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, void *out_buf)
Encrypt the given data using XSalsa20-Poly1305.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
References GNUNET_TIME_AbsoluteNBO::abs_value_us__, block_sign_eddsa(), GNUNET_GNSRECORD_EddsaBlock::expiration_time, expire, GNR_derive_block_xsalsa_key(), GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_xsalsa20poly1305_encrypt(), GNUNET_GNSRECORD_MAX_BLOCK_SIZE, GNUNET_GNSRECORD_TYPE_EDKEY, GNUNET_malloc, GNUNET_OK, GNUNET_SYSERR, GNUNET_TIME_absolute_hton(), GNUNET_YES, key, GNUNET_CRYPTO_XSalsa20Nonce::nonce, and pkey.
Referenced by block_create2().
Definition at line 350 of file gnsrecord_crypto.c.
357{
361 char *norm_label;
362#define CSIZE 64
365
367
369 {
371
373 if (0 != memcmp (&
line->key,
376 {
377
381 }
385 norm_label,
386 rdata,
387 rdata_len,
389 sign);
390 }
392 {
394 &edpubkey);
396 &edpubkey,
398 norm_label,
399 rdata,
400 rdata_len,
402 sign);
403 }
404#undef CSIZE
407}
static enum GNUNET_GenericReturnValue block_create_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **block, int sign)
Sign name and records.
static enum GNUNET_GenericReturnValue block_create_eddsa(const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **block, int sign)
Sign name and records (EDDSA version)
static char * line
Desired phone line (string to be converted to a hash).
static char * res
Currently read line or NULL on EOF.
static int result
Global testing status.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive key.
char * GNUNET_GNSRECORD_string_normalize(const char *src)
Normalize a UTF-8 string to a GNS name.
GNUNET_GenericReturnValue
Named constants for return values.
@ GNUNET_PUBLIC_KEY_TYPE_EDDSA
EDDSA identity.
@ GNUNET_PUBLIC_KEY_TYPE_ECDSA
The identity type.
Private ECC key encoded for transmission.
Line in cache mapping private keys to public keys.
References block_create_ecdsa(), block_create_eddsa(), CSIZE, expire, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_free, GNUNET_GNSRECORD_string_normalize(), GNUNET_PUBLIC_KEY_TYPE_ECDSA, GNUNET_PUBLIC_KEY_TYPE_EDDSA, GNUNET_SYSERR, key, KeyCacheLine::key, line, pkey, res, and result.
Referenced by block_seal().
Definition at line 465 of file gnsrecord_crypto.c.
471{
472 size_t payload_len = ntohl (block->
size)
476
477 if (ntohl (block->
size) <
479 {
482 }
483 if (payload_len > UINT16_MAX)
484 {
487 }
490 label,
492 zone_key);
493 {
496
498 payload_len,
500 ctr,
505 {
506
509 }
510 {
512 unsigned int j;
514
520 {
523 }
524
526 j = 0;
527 for (
unsigned int i = 0; i <
rd_count; i++)
528 {
530 {
531
533 continue;
534 }
535
537 {
539
540 for (
unsigned int k = 0; k <
rd_count; k++)
541 {
542 if (k == i)
543 continue;
544 if (
rd[i].expiration_time < now.abs_value_us)
546 if ((
rd[k].record_type ==
rd[i].record_type) &&
547 (
rd[k].expiration_time >= now.abs_value_us) &&
549 {
552 "Ignoring shadow record\n");
553 break;
554 }
555 }
557 {
559 if (j != i)
561 j++;
562 }
563 }
564 else if (
rd[i].expiration_time >= now.abs_value_us)
565 {
566
567 if (j != i)
569 j++;
570 }
571 else
572 {
574
577 "Excluding record that expired %s (%llu ago)\n",
579 (
unsigned long long)
rd[i].expiration_time
580 - now.abs_value_us);
581 }
582 }
584 if (NULL != proc)
585 proc (proc_cls,
588 }
589 }
591}
static unsigned int rd_count
Number of records for currently parsed set.
static struct GNUNET_GNSRECORD_Data rd[50]
The record data under a single label.
static unsigned long long payload
How much data are we currently storing in the database?
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
unsigned int GNUNET_GNSRECORD_records_deserialize_get_size(size_t len, const char *src)
@ GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION
This expiration time of the record is a relative time (not an absolute time).
@ GNUNET_GNSRECORD_RF_SHADOW
This record should not be used unless all (other) records in the set with an absolute expiration time...
#define GNUNET_log(kind,...)
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
struct GNUNET_GNSRECORD_EcdsaBlock ecdsa_block
enum GNUNET_GNSRECORD_Flags flags
Flags for the record.
uint64_t expiration_time
Expiration time for the DNS record.
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, GNUNET_GNSRECORD_Block::ecdsa_block, GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EcdsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNR_derive_block_aes_key(), GNUNET_break_op, GNUNET_CRYPTO_aes_ctr(), GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_ERROR_TYPE_INFO, GNUNET_GNSRECORD_records_deserialize(), GNUNET_GNSRECORD_records_deserialize_get_size(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_RF_SHADOW, GNUNET_log, GNUNET_NO, GNUNET_NZL, GNUNET_OK, GNUNET_STRINGS_absolute_time_to_string(), GNUNET_SYSERR, GNUNET_TIME_absolute_get(), GNUNET_YES, key, payload, rd, rd_count, and GNUNET_GNSRECORD_Block::size.
Referenced by block_open_ecdsa().
Definition at line 595 of file gnsrecord_crypto.c.
601{
602 size_t payload_len = ntohl (block->
size)
606
607
608 if (ntohl (block->
size) <
610 {
613 }
614 if (payload_len > UINT16_MAX)
615 {
618 }
620 &skey,
621 label,
623 ,
624 zone_key);
625 {
628
631 payload_len,
632 (unsigned char*) &block[1],
633 &skey,
636 {
639 }
640 payload_len -= crypto_secretbox_MACBYTES;
644 {
645
648 }
649 {
651 unsigned int j;
653
659 {
662 }
663
665 j = 0;
666 for (
unsigned int i = 0; i <
rd_count; i++)
667 {
669 {
670
672 continue;
673 }
674
676 {
678
679 for (
unsigned int k = 0; k <
rd_count; k++)
680 {
681 if (k == i)
682 continue;
683 if (
rd[i].expiration_time < now.abs_value_us)
685 if ((
rd[k].record_type ==
rd[i].record_type) &&
686 (
rd[k].expiration_time >= now.abs_value_us) &&
688 {
691 "Ignoring shadow record\n");
692 break;
693 }
694 }
696 {
698 if (j != i)
700 j++;
701 }
702 }
703 else if (
rd[i].expiration_time >= now.abs_value_us)
704 {
705
706 if (j != i)
708 j++;
709 }
710 else
711 {
713
716 "Excluding record that expired %s (%llu ago)\n",
718 (
unsigned long long)
rd[i].expiration_time
719 - now.abs_value_us);
720 }
721 }
723 if (NULL != proc)
724 proc (proc_cls,
727 }
728 }
730}
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_xsalsa20poly1305_decrypt(size_t in_buf_len, const unsigned char in_buf[in_buf_len], const struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, void *out_buf)
Encrypt the given data using XSalsa20-Poly1305.
struct GNUNET_GNSRECORD_EddsaBlock eddsa_block
References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, GNUNET_GNSRECORD_Block::eddsa_block, GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EddsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNR_derive_block_xsalsa_key(), GNUNET_break_op, GNUNET_CRYPTO_xsalsa20poly1305_decrypt(), GNUNET_ERROR_TYPE_INFO, GNUNET_GNSRECORD_records_deserialize(), GNUNET_GNSRECORD_records_deserialize_get_size(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_RF_SHADOW, GNUNET_log, GNUNET_NO, GNUNET_NZL, GNUNET_OK, GNUNET_STRINGS_absolute_time_to_string(), GNUNET_SYSERR, GNUNET_TIME_absolute_get(), GNUNET_YES, GNUNET_CRYPTO_XSalsa20Nonce::nonce, payload, rd, rd_count, and GNUNET_GNSRECORD_Block::size.
Referenced by block_open_eddsa().